Detects users that have email forwarding rules defined.
Email forwarding is mostly harmless and comes from the need to deal with life changes and organizational shifts. However, this is also a known bad pattern for people knowing they are about to change jobs and is a cause of data loss.
You can add known domains to the ignore list.
Recommended Actions
Please check if the forward rule is legitimate, for example, contractors and managers, or a potential data loss issue.
